Autor: Heiko Schlittermann Datum: To: exim-users Betreff: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can
execute programs with root privileges
Sebastian Nielsen via Exim-users <exim-users@???> (Fr 06 Sep 2019 21:37:41 CEST): > Ooo just that, forgot that...
>
> But still the question remains, how does it prevent the exploit? Doesn't the
> exploit (root command) get executed immidiately when TLS negotiation is
> done?
This is left as an exercise to the reader of src/src/string.c, where we
applied the patch.
BTW, when the TLS negotiation is done, this is done by a child of the
listener process, and this child process should have dropped its
privileges already.